The entrenchment of data networking into the routines of modern society, as evidenced by the prevalence of the Internet, particularly the World Wide Web, has placed ever-growing demands on service providers to continually improve network performance. To meet this challenge, service providers have invested heavily in upgrading their networks to increase system capacity (i.e., bandwidth). In many circumstances, such upgrades may not be feasible economically or the physical constraints of the communication system do not permit simply “upgrading.” Accordingly, service providers have also invested in developing techniques to optimize the performance of their networks.
The Open Systems Interconnection model (OSI) is a conceptual model that characterizes and standardizes the internal functions of a communications system by partitioning network communications into abstraction layers. With reference to FIG. 1, the OSI model layers are the physical layer, the data link layer, the network layer, the transport layer, the session layer, the presentation layer and the application layer. The physical layer defines the physical specifications of the data connection of a communications session, and defines the protocol required to establish and terminate a connection over that communication session. The data link layer provides for a reliable link between two directly connected nodes over a communications connection or session. The data link layer is divided into two sub-layers: the media access control (MAC) layer, responsible for controlling how nodes of the network are permitted to access data and to transmit the data, and the logical link control (LLC) layer, for controlling error checking and packet synchronization. More specifically, the MAC sub-layer determines the physical addressing for the network nodes or hosts, and the LLC sub-layer is responsible for synchronizing frames, error checking, and flow control. The network layer provides the functional and procedural means for transferring variable length data sequences or datagrams from one node of the network to another. For example, the network layer provides for management of logical addressing within data packets and the delivery of those packets to the correct destination. The transport layer provides the functional and procedural means for transferring data packets from a source network node or host to a destination network node or host, including quality of service functions (e.g., the reliability of a given link via management of flow control and error control).
The session layer controls data transmission for a given dialogue between network nodes or hosts over network links, such as the establishment, management and termination of connections between local and remote network hosts for a given application session. The presentation layer establishes context between entities of the application layer whereby such entities may use different syntax and semantics, with the presentation layer transforming such syntax and semantics for the receiving application. The application layer is the top layer of the OSI model, and interacts with applications that utilize the underlying network communications.
With respect to the Internet, Transmission Control Protocol/Internet Protocol (TCP/IP) comprises the core protocols for communications over the Internet. TCP provides for reliable, ordered and error-checked delivery of data octets between applications operating on network nodes or hosts of the Internet. IP comprises the principal communications protocol of the network or Internet layer, which is responsible for relaying datagrams across network boundaries (the routing functions that enable internetworking across the Internet). The TCP/IP model is partitioned into four abstraction layers, which are illustrated with respect to the seven OSI model layers in FIG. 1. The link layer (or the network access or interface layer) defines details of how data is physically sent through the network, including how bits are electrically or optically signaled by hardware devices that interface directly with a network medium (e.g., coaxial cable, optical fiber, or twisted pair copper wire). The link layer includes device drivers of the operating system and any corresponding network interface cards, which, together, handle hardware details of physically interfacing with the transmission media being utilized for the network communications. The network layer (also referred to as the Internet layer) handles the movement of packets around the network. The Internet layer provides for the formatting of data into packets known as IP datagrams, which contain source and destination address (logical address or IP address) information that is used to forward the datagrams between hosts and across networks. Also, routing of the data packets takes place at the network or Internet layer. Within the TCP/IP protocol suite, the Internet Control Message Protocol (ICMP) and the Internet Group Management Protocol (IGMP) may provide network layer functions.
The transport layer provides for the flow of data between two network nodes or hosts, permitting such devices to carry on a conversation. The transport layer also defines the level of service and status of the connection when transporting data. The main protocols included at the transport layer are Transmission Control Protocol (TCP) and User Datagram Protocol (UDP). The application layer defines the TCP/IP application protocols and how host programs interface with the transport layer services for communications over the network. For example, the application layer includes all the higher-level protocols, such as the Domain Name System (DNS) Protocol, Hypertext Transfer Protocol (HTTP), File Transfer Protocol (FTP), Simple Network Management Protocol (SNMP), Dynamic Host Configuration Protocol (DHCP), etc.
TCP/IP provides reliable, in-sequence delivery of data between two IP hosts. The IP hosts set up a TCP connection, using a conventional TCP three-way handshake, and then transfer data using a window-based protocol, where successfully received data packets are acknowledged by the receiving entity (hence, a reliable transmission protocol, as the transmitting host is notified of successfully received data packets and can thereby retransmit packets that are not acknowledged within a timeout period). FIG. 2 illustrates a ladder diagram depicting the three-way handshake process for establishing a TCP/IP connection over an Internet Protocol (IP) based network. Host A first sends a TCP synchronize (SYN) message/packet to Host B, and Host B responds with a synchronize-acknowledgement (SYN-ACK) message/packet. When Host A receives the SYN-ACK from Host B, Host A then sends back an acknowledge (ACK) message/packet, which completes the set-up of the respective TCP socket connection. SYN and ACK messages are indicated by setting either a SYN bit or an ACK bit in the TCP header, respectively, and the SYN-ACK message has both the SYN and the ACK bits set in the TCP header. When the communication between the two hosts ends, another 3-way communication is performed to tear down the TCP socket connection. This setup and teardown of a TCP socket connection reflects part of the basis for classifying TCP as a reliable protocol. TCP also acknowledges that data is successfully received and guarantees the data is reassembled in the correct order.
A Performance Enhancing Proxy (PEP) may be employed to improve the performance of Internet protocols on network paths where native performance suffers due to characteristics (such as latency of a satellite network) of a link or sub-network on the path. Further, in many Internet and intranet applications that employ TCP as the transport layer protocol, the link characteristics of the environment limit the performance of TCP and other higher layer protocols. In such cases, a PEP process may be employed at the transport layer (a Transport Layer PEP), where such Transport Layer PEPs typically let the application protocol operate end-to-end without modifying the application protocol in any way (e.g., a PEP implementation that interacts with the TCP layer, or a TCP PEP). For example, in an environment with a large bandwidth-delay product (e.g., a satellite network), a TCP PEP may be used to alter the behavior of the TCP connection by generating “local acknowledgments,” and thereby eliminate the multi-step handshake process by spoofing transport layer handshake messages to the client applications, in order to improve the throughput of the respective connection. As a further example, a Split Connection PEP implementation may be employed, which terminates the TCP connection received from an end system and establishes a corresponding TCP connection to the other end system. In a distributed PEP implementation, this is typically done to allow the use of a third connection between two PEPs optimized for the link. The Internet Engineering Task Force (IETF), Request for Comments (RFC) No. 3135, “Performance Enhancing Proxies Intended to Mitigate Link-Related Degradations” (June 2001), provides a more detailed description of TCP Spoofing and Split Connection PEP implementation, the entirety of which is incorporated herein by reference.
The Fast Fallback algorithm (also known as Happy Eyeballs) is one of a category of algorithms published by the IETF, which operates to make dual-stack applications (e.g., those that understand both IPv4 and IPv6, such as Web Browsers) more responsive to users. The Happy Eyeballs algorithm is designed to address a distinct problem that many IPv6 networks pose. When IPv6 connectivity is impaired, today's IPv6-capable applications (e.g., web browsers, email clients, instant messaging clients) incur many seconds of delay before falling back to IPv4. More specifically, the client first obtains the IPv4 and IPv6 records for the server, and then attempts to connect using IPv6 to the target. If the IPv6 path fails, several seconds of time are consumed before the client falls back to IPv4. Such delays significantly impact the overall application operation, and thereby impose a significant adverse effect on the user experience.
The Happy Eyeballs algorithm addresses this problem by determining which transport would be better used for a particular connection by trying them both in parallel. For example, the client sends two TCP SYNs at the same time over both IPv4 and IPv6. Then, if the IPv6 path fails, the IPv4 connection establishment is already running in parallel, and thus eliminates any long delay in falling back to IPv4. After performing this procedure, the client learns whether connections to the host IPv6 or IPv4 address were successful, and caches the information regarding the outcome of each connection attempt for later reference so as to avoid burdening the network with subsequent attempts. The Happy Eyeballs algorithm may also be employed for choosing between transport protocols (e.g., TCP and SCTP). The IETF publication RFC No. 6555, “Happy Eyeballs: Success with Dual-Stack Hosts” (April 2012), provides a more detailed description of the Happy Eyeballs algorithm, the entirety of which is incorporated herein by reference.
As mentioned above, in PEP spoofing, the elimination of the multi-step handshake process involves spoofing of transport layer handshake messages to the client applications. In certain scenarios, however, when such PEP processes are employed, the transport layer handshake spoofing may interfere with host-based fallback mechanisms. Further, transport layer handshake spoofing may interfere with negotiation of transport layer connection characteristics, which may result in transport layer negotiation issues.
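The interference with host-based fallback described above can be reproduced in a small deterministic model. This is an added example, not part of the original text: the `Path` class, the function names, the latencies, the per-family spoofing switch and the rule that IPv6 wins ties are all assumptions of the model.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

LOCAL_RTT_MS = 2.0  # assumed client <-> local PEP round trip


@dataclass
class Path:
    family: str       # "IPv6" or "IPv4"
    reachable: bool   # does the far-end host answer a SYN on this family?
    rtt_ms: float     # assumed end-to-end round trip (e.g., a satellite hop)


def syn_ack_time(path: Path, spoofed: bool) -> Optional[float]:
    """Time at which the client sees a SYN-ACK, or None if it never does."""
    if spoofed:
        # The PEP answers locally, before the far end has been contacted.
        return LOCAL_RTT_MS
    return path.rtt_ms if path.reachable else None


def race(paths: List[Path], spoof: Dict[str, bool]) -> Tuple[Optional[str], bool]:
    """Parallel connect: both SYNs leave at t=0 and the client keeps the
    family whose SYN-ACK arrives first (IPv6 wins ties in this model).
    Returns (chosen family, whether that path really reaches the server)."""
    answered = []
    for p in paths:
        t = syn_ack_time(p, spoof.get(p.family, False))
        if t is not None:
            answered.append((t, 0 if p.family == "IPv6" else 1, p))
    if not answered:
        return None, False
    _, _, winner = min(answered, key=lambda a: (a[0], a[1]))
    return winner.family, winner.reachable


# Constructed scenario: IPv6 is broken end to end, IPv4 works.
BROKEN_V6 = [Path("IPv6", False, 600.0), Path("IPv4", True, 600.0)]

if __name__ == "__main__":
    print("no spoofing  :", race(BROKEN_V6, {}))
    print("spoof both   :", race(BROKEN_V6, {"IPv6": True, "IPv4": True}))
    print("spoof v4 only:", race(BROKEN_V6, {"IPv4": True}))
```

With spoofing on both families the client commits to IPv6 after 2 ms even though that path never reaches the server, so the parallel-connect fallback never triggers.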
What is needed, therefore, is an approach for selective dynamic disabling of transport layer handshake spoofing only for connections where handshake spoofing would interfere with host-based fallback mechanisms and/or transport layer negotiations.